A digital data communications network that supports efficient, scalable routing of data and use of network resources by combining a recursive division of the network into hierarchical sub-networks with repeating parameterized general purpose link communication protocols and an addressing methodology that reflects the physical structure of the underlying network hardware. The sub-division of the network enhances security by reducing the amount of the network visible to an attack and by insulating the network hardware itself from attack. The fixed bandwidth range at each sub-network level allows quality of service to be assured and controlled. The routing of data is aided by a topological addressing scheme that allows data packets to be forwarded towards their destination based on only local knowledge of the network structure, with automatic support for mobility and multicasting. The repeating structures in the network greatly simplify network management and reduce the effort to engineer new network capabilities.
Legal claims defining the scope of protection, as filed with the USPTO.
1. In a network of entities operable in accordance with a network protocol, a method of operation comprising: creating and terminating synchronized shared state between communicating entities to coordinate their behavior; establishing between the communicating entities, responsive to the shared state, a data transfer relationship using the shared state, wherein the data transfer relationship represents an interprocess communication service (IPC) between the communicating entities; generating a set of messages operable to be exchanged between the communicating entities to coordinate their behavior and control the transfer of data, wherein: (a) each function of the protocol is separated into a mechanism and at least one policy; (b) the policy comprises policy components, the policy components comprising at least a sending policy and a receiving policy; and (c) instances of policy components are determined for each function of the protocol upon initiation of shared state, and wherein: separating mechanism and at least one policy creates a single relaying and multiplexing protocol and a single error and flow control protocol, and the single relaying and multiplexing protocol and single error and flow control protocol, either alone or in a combination of a layered organization, are operable to provide the services of any data transfer service; and expanding the network of entities in a repeatable manner to establish a recursive layered structure, wherein each of the communication entities is substantially the same and provides IPC resources to an adjacent layer of the recursive layered structure.
2. The method of claim 1 wherein instances of policy components are negotiated for each function.
3. The method of claim 1 wherein instances of policy components are determined by ad hoc means.
4. The method of claim 1 wherein the method may be applied to data transfer protocols and to application protocols.
5. The method of claim 4 wherein the data transfer protocols can include (a) relaying and multiplexing protocols, and (b) error and flow control protocols.
6. The method of claim 1 further comprising applying the foregoing steps to application protocols to separate functions of applications into mechanism and policy.
7. The method of claim 6 wherein the functions separated are application specific functions in a data transfer portion of a protocol.
8. The method of claim 1 wherein the data transfer relationship is a reliable, flow-controlled data transfer relationship.
9. The method of claim 1 wherein the data transfer relationship is characterized by any of (1) minimal shared state sufficient to exchange data or (2) shared state without flow control or reliability.
10. The method of claim 1 wherein separating mechanism and policy exposes functions of two types, wherein a first type comprises functions whose coordinating state information must be associated with a Transfer or Data PDU, and a second type comprises functions whose coordinating state information need not be associated with a Transfer or Data PDU.
11. The method of claim 1 wherein separating mechanism and policy results in an implementation of a protocol machine comprising substantially independent first and second portions, wherein the first portion contains substantially no policy, and the second portion contains substantially all policy.
12. The method of claim 11 wherein the first portion is substantially a hardware portion, and the second portion is substantially a software portion.
13. The method of claim 1 operable to support either of two configurations, a first utilizing a connectionless relaying protocol and an end-to-end error and flow control protocol, and a second utilizing a relaying protocol of tightly bound functions and an error and flow control protocol of loosely bound functions.
14. The method of claim 1 operable to support a configuration utilizing a connectionless relaying protocol and an end-to-end error and flow control protocol.
15. The method of claim 1 operable to support a configuration utilizing a relaying protocol of tightly bound functions and an error and flow control protocol of loosely bound functions.
16. A method for transferring data between entities in a network, the method comprising: configuring data transfer protocols that separate mechanism and policy and enable control of the transfer of data between the entities in a hierarchical topological address space, wherein the entities are communicatively coupled by way of an interprocess communication service (IPC); configuring applications that manage the transfer of data and also separate mechanism and policy, the configuring including the provision of one or more of: (a) a layer management set comprising one or more of: (1) providing management communication between the applications and a system management application; (2) managing security policies and keys, (3) managing the enrollment of applications, and (4) assigning addresses to entities becoming a member of a defined layer; (b) a resource allocation set comprising one or more of: (1) computing routes, (2) monitoring the QoS of routes emanating from the corresponding subsystem, and (3) managing flows emanating from or passing through this subsystem; (c) security management mechanisms; and (d) for each flow with a given QoS to a remote destination, aggregating flows as required to provide selected classes of QoS and for user applications, and wherein the network of entities is expandable in a repeatable manner to establish a recursive layered structure, wherein each of the entities is substantially the same and provides IPC resources to an adjacent layer of the recursive layered structure.
17. The method of claim 16, applying at least a portion of the foregoing steps to aggregated or multiplexed data streams.
18. The method of claim 16, comprising multiple instances of the foregoing steps, and wherein both the data transfer protocols and the applications in each instance: (a) employ separation of mechanism and policy and (b) encode their control coordination in messages encoded with an abstract syntax translated to a concrete syntax.
19. The method of claim 18 wherein: each instance can operate in accordance with a set of policies and parameters over a given range of bandwidth, and flows managed thereby operate over given ranges of QoS parameters, whereby the method can be applied recursively with different policies and parameters over an entire range of bandwidth and QoS.
20. The method of claim 19 wherein cooperating instances of identical rank form a layer of a specific scope operable to manage flows of a given bandwidth range, specific QoS or scope of management.
21. The method of claim 20 wherein: instances at a higher rank generally manage lower bandwidth ranges and narrower QoS, and generally have greater scope, and instances at lower ranks generally have higher bandwidth ranges and manage flows with broader QoS and less scope.
22. The method of claim 21 wherein within a range of QoS handled by a given layer, specific flows between senders and receivers further subdivide the range of QoS.
23. The method of claim 21 further comprising defining specialized higher rank layers to have restricted scope, and wherein a specialized higher rank layer is a VPN.
24. The method of claim 21 further comprising: defining an address space comprising a set of strings having a topological structure; defining a set of entities in the network, each entity to be identified by an associated, respective address assigned thereto; defining a mapping function, the mapping function being defined with a range of the address space and a domain of the entities, and having the properties of a topology; and assigning respective addresses to the entities based on the mapping function, such that the addresses assigned to the entities are topologically dependent.
25. The method of claim 24 wherein the mapping function is based on a topology having a distance function d(a, b), where d is the distance function, and a and b are assigned addresses having the following properties: d(a, b)>0 for all values of a and b; d(a, b)=0 if and only if a=b; d(a, b)=d(b, a); and d(a, c)<d(a, b)+d(b, c).
26. The method of claim 25 further wherein an orientation may be associated with the address space.
27. The method of claim 24 wherein the data transfer and topological addressing functions are collectively operable to support mobility and multi-homing, without need for mechanisms specifically adapted for mobility or multi-homing.
28. The method of claim 16 further comprising: defining an address space comprising a set of strings having a topological structure; defining a set of entities in the network, each entity to be identified by an associated, respective address assigned thereto; defining a mapping function, the mapping function being defined with a range of the address space and a domain of the entities, and having the properties of a topology; and assigning respective addresses to the entities based on the mapping function, such that the addresses assigned to the entities are topologically dependent, wherein: (a) messages operable to be exchanged between communicating entities in the network are expressed in terms of an abstract syntax language and are translated into bit patterns for exchange between communicating entities according to one or more syntax definitions; (b) each function of a communications protocol is separated into a mechanism and at least one policy; (c) the policy comprises policy components, the policy components comprising at least a sending policy and a receiving policy; and (d) instances of policy components are determined for each function of the protocol upon initiation of shared state, and further comprising: recursively executing the configuring to create subnetworks wherein, as the number of entities in the network increases, the number of addressable elements to be managed within a subnetwork remains substantially constant.
29. In a network of entities operable in accordance with a network protocol, a non-transitory system comprising: a memory comprising computer instructions; and means for creating and terminating synchronized shared state between communicating entities to coordinate their behavior; means for establishing between the communicating entities, responsive to the shared state, a data transfer relationship using the shared state, wherein the data transfer relationship represents an interprocess communication service (IPC) between the communicating entities; and means for generating a set of messages operable to be exchanged between the communicating entities to coordinate their behavior and control the transfer of data, wherein: (a) each function of the protocol is separated into a mechanism and at least one policy; (b) the policy comprises policy components, the policy components comprising at least a sending policy and a receiving policy; and (c) instances of policy components are determined for each function of the protocol upon initiation of shared state wherein: separating mechanism and at least one policy creates a single relaying and multiplexing protocol and a single error and flow control protocol, and the single relaying and multiplexing protocol and single error and flow control protocol, either alone or in a combination of a layered organization, are operable to provide the services of any data transfer service; and means for expanding the network of entities in a repeatable manner to establish a recursive layered structure, wherein each of the communication entities is substantially the same and provides IPC resources to an adjacent layer of the recursive layered structure.
30. A non-transitory system for transferring data between entities in a network having a hierarchical topological address space, the system comprising: a memory comprising computer instructions; and means for configuring data transfer protocols that separate mechanism and policy and enable control of the transfer of data between the entities, wherein the entities are communicatively coupled by way of an interprocess communication service (IPC); means for configuring applications that manage the transfer of data and also separate mechanism and policy, the means for configuring including means for providing one or more of: (a) a layer management set comprising one or more of: (1) providing management communication between the applications and a system management application; (2) managing security policies and keys, (3) managing the enrollment of applications, and (4) assigning addresses to entities becoming a member of a defined layer; (b) a resource allocation set comprising one or more of: (1) computing routes, (2) monitoring the QoS of routes emanating from the corresponding subsystem, and (3) managing flows emanating from or passing through this subsystem; (c) security management mechanisms; and (d) for each flow with a given QoS to a remote destination, aggregating flows as required to provide selected classes of QoS and for user applications, and wherein the network of entities is expandable in a repeatable manner to establish a recursive layered structure, wherein each of the entities is substantially the same and provides IPC resources to an adjacent layer of the recursive layered structure.
March 5, 2004
January 24, 2012